From 13413c6cde8b2563311f56ec15a39e99fbbd7ae1 Mon Sep 17 00:00:00 2001
From: platfowner <seo@comcom.ai>
Date: Tue, 30 Apr 2024 15:18:36 +0900
Subject: [PATCH] Let verifySignedMessage() handle exceptions

---
 p2p/p2p-util.js            | 14 ++++++++++----
 test/unit/p2p-util.test.js | 30 ++++++++++++++++++++++--------
 2 files changed, 32 insertions(+), 12 deletions(-)

diff --git a/p2p/p2p-util.js b/p2p/p2p-util.js
index c11749118..53cf1cfef 100644
--- a/p2p/p2p-util.js
+++ b/p2p/p2p-util.js
@@ -92,12 +92,18 @@ class P2pUtil {
     }
   }
 
-  static verifySignedMessage(message, address) {
+  static verifySignedMessage(message, address, chainId) {
+    const LOG_HEADER = 'verifySignedMessage';
     if (!P2pUtil._isValidMessage(message)) {
-      return null;
+      return false;
     } else {
-      const chainId = DB.getBlockchainParam('genesis/chain_id');
-      return ainUtil.ecVerifySig(JSON.stringify(message.data.body), message.data.signature, address, chainId);
+      const cId = chainId !== undefined ? chainId : DB.getBlockchainParam('genesis/chain_id');
+      try {
+        return ainUtil.ecVerifySig(JSON.stringify(message.data.body), message.data.signature, address, cId);
+      } catch (err) {
+        logger.error(`[${LOG_HEADER}] The message is not correctly signed. Discard the message!!`);
+        return false;
+      }
     }
   }
 
diff --git a/test/unit/p2p-util.test.js b/test/unit/p2p-util.test.js
index 4b4a2efe7..e1454d0d1 100644
--- a/test/unit/p2p-util.test.js
+++ b/test/unit/p2p-util.test.js
@@ -5,6 +5,7 @@ const expect = chai.expect;
 const assert = chai.assert;
 const { BlockchainConsts, BlockchainParams } = require('../../common/constants');
 
+// NOTE(platfowner): Run this test with AirPlay Receiver off on MacOs to avoid port number (5000) conflicts (see https://developer.apple.com/forums/thread/682332).
 describe("P2P Util", () => {
   const mockAddress = '0x012345678abcdef';
   let webServer;
@@ -240,7 +241,8 @@ describe("P2P Util", () => {
       }
     };
     const signature = util.signMessage(body, mockPrivateKey);
-    it("returns null with wrong messages", () => {
+
+    it("returns false with wrong messages", () => {
       const wrongMessage1 = {
         data: {
           signature: signature
@@ -281,13 +283,13 @@ describe("P2P Util", () => {
           body: body
         }
       };
-      expect(util.verifySignedMessage(wrongMessage1)).to.equal(null);
-      expect(util.verifySignedMessage(wrongMessage2)).to.equal(null);
-      expect(util.verifySignedMessage(wrongMessage3)).to.equal(null);
-      expect(util.verifySignedMessage(wrongMessage4)).to.equal(null);
-      expect(util.verifySignedMessage(wrongMessage5)).to.equal(null);
-      expect(util.verifySignedMessage(wrongMessage6)).to.equal(null);
-      expect(util.verifySignedMessage(wrongMessage7)).to.equal(null);
+      expect(util.verifySignedMessage(wrongMessage1)).to.equal(false);
+      expect(util.verifySignedMessage(wrongMessage2)).to.equal(false);
+      expect(util.verifySignedMessage(wrongMessage3)).to.equal(false);
+      expect(util.verifySignedMessage(wrongMessage4)).to.equal(false);
+      expect(util.verifySignedMessage(wrongMessage5)).to.equal(false);
+      expect(util.verifySignedMessage(wrongMessage6)).to.equal(false);
+      expect(util.verifySignedMessage(wrongMessage7)).to.equal(false);
     });
 
     it("verifies signature correctly", () => {
@@ -301,6 +303,18 @@ describe("P2P Util", () => {
       const address = util.getAddressFromMessage(mockMessage);
       expect(util.verifySignedMessage(mockMessage, address)).to.equal(true);
     });
+
+    it("returns false with wrong chainId", () => {
+      const mockMessage = {
+        type: 'test',
+        data: {
+          body: body,
+          signature: signature
+        }
+      };
+      const address = util.getAddressFromMessage(mockMessage);
+      expect(util.verifySignedMessage(mockMessage, address, 1)).to.equal(false);  // with wrong chainId = 1
+    });
   });
 
   describe("toHostname", () => {